Port Forwarding

Overview

OpenShift Enterprise takes advantage of a feature built into Kubernetes to support port
forwarding to pods. This is implemented using HTTP along with a multiplexed
streaming protocol such as SPDY or
HTTP/2.

Developers can use the CLI to port
forward to a pod. The CLI listens on each local port specified by the user,
forwarding via the described
protocol.

Server Operation

The Kubelet handles port forward requests from clients. Upon receiving a
request, it upgrades the response and waits for the client to create port
forwarding streams. When it receives a new stream, it copies data between the
stream and the pod’s port.

Architecturally, there are options for forwarding to a pod’s port. The supported
implementation currently in OpenShift Enterprise invokes nsenter directly on the
node host to enter the pod’s network namespace, then invokes socat to copy
data between the stream and the pod’s port. However, a custom implementation
could include running a "helper" pod that then runs nsenter and socat, so
that those binaries are not required to be installed on the host.